<?php
// +---------------------------------------------------------------------------+
// | This file is part of the KnowledgebasePublisher package                   |
// | KnowledgebasePublisher - web based knowledgebase publisher tool           |
// |                                                                           |
// | Author:  Evgeny Leontev <eleontev@gmail.com>                              |
// | Copyright (c) 2005 Evgeny Leontev                                         |
// |                                                                           |
// | For the full copyright and license information, please view the LICENSE   |
// | file that was distributed with this source code.                          |
// +---------------------------------------------------------------------------+

class UserModel extends AppModel
{

	var $tables = array('table'=>'user', 'user', 'priv', 'priv_name');
	

	function getRecordsSql() {
		$sql = "
		SELECT 
			u.*
		FROM 
			{$this->tbl->user} u,
			{$this->tbl->priv} p
		WHERE 1 
			AND u.id = p.user_id
			AND {$this->sql_params}
		{$this->sql_params_order}";
		
		return $sql;
	}
	
	
	
	// if check priv is different for model so reassign 	
	function checkPriv(&$priv, $action, $record_id) {
		
		$sql = "SELECT 1 FROM {$this->tbl->user} 
		WHERE id = '{$record_id}'
		AND id = {$priv->user_id}";
		$priv->setOwnSql($sql);
		$priv->check($action);
		
		$priv->setOwnParam(sprintf("id=%d", $priv->user_id));
		$this->setSqlParams('AND ' . $priv->getOwnParam());
	}
	
	
	function save(&$obj, $grantor = 1) {
		
		if(!$obj->get('id')) {
			
			$user_id = $this->add($obj);
			
			if($obj->is_admin) {
				$this->addPriv($obj, $user_id, $grantor);
			}
			
		} else {
			
			$this->update($obj);
			$user_id = $obj->get('id');
			
			if($obj->is_admin) {
				$this->deletePriv($user_id);
				$this->addPriv($obj, $user_id, $grantor);
			}
		}
	}
	
	
	// return true if we already have such username false otherwise
	function isUsernameExists($username, $id = false) {
		
		$cond = ($id) ? "id != '$id'" : "1=1"; 
		
		$sql = "SELECT 1 FROM {$this->tbl->user} WHERE username = '$username' AND $cond";
		$result =& $this->db->Execute($sql) or die(db_error($sql));
		return (bool) ($result->Fields(1));
	}
	
	
	// return true if we already have such username false otherwise
	function isEmailExists($email, $id = false) {
		
		$cond = ($id) ? "email != '$email'" : "1=1"; 
		
		$sql = "SELECT 1 FROM {$this->tbl->user} WHERE email = '$email' AND $cond";
		$result =& $this->db->Execute($sql) or die(db_error($sql));
		return (bool) ($result->Fields(1));
	}
	
	
	// PRIV // -----------------
	
	// return user permission array
	function & getPrivById($record_id) {
		$sql = "SELECT id, priv_name_id FROM {$this->tbl->priv} 
		WHERE user_id = '{$record_id}'";
		$result =& $this->db->Execute($sql) or die(db_error($sql));
		return $result->GetAssoc();
	}

	
	// in list records
	function & getPrivByIds($record_id) {		
		$sql = "SELECT user_id, priv_name_id 
		FROM {$this->tbl->priv} WHERE user_id IN ($record_id)";
		$result =& $this->db->Execute($sql) or die(db_error($sql));
		while($row = $result->FetchRow()){
			$data[$row['user_id']][] = $row['priv_name_id'];
		}
		
		return $data;
	}	
		
	
	// return all privieges to generate select
	function getAllPriv($cond = '1=1') {
		$sql = "SELECT n.id, n.name FROM {$this->tbl->priv_name} n WHERE $cond";
		$result =& $this->db->Execute($sql) or die(db_error($sql));
		return ($result) ? $result->GetAssoc() : array();
	}
	
	
	function getPrivSelectRange() {
		return $this->getAllPriv();
	}
	
	
	function addPriv(&$obj, $record_id, $grantor_id = false) {
		
		require_once 'eleontev/SQL/MultiInsert.php';
		
		$priv = $obj->getPriv();
		$priv = (is_array($priv)) ? $priv : array($priv);
		foreach($priv as $k => $v) {
			$privs[] = array($v);
		}
		
		$sql = MultiInsert::get("INSERT {$this->tbl->priv} (priv_name_id, id, user_id, grantor, timestamp) 
		                         VALUES ?", $privs, array(NULL, $record_id, $grantor_id, 'NOW()'));
		
		//echo "<pre>"; print_r($sql); echo "</pre>";
		//exit;
		
		return $this->db->Execute($sql) or die(db_error($sql));
	}
	
	
	
	// DELETE // ---------------------------
	
	function deletePriv($record_id) {
		$sql = "DELETE FROM {$this->tbl->priv} WHERE user_id IN ($record_id)";
		return $this->db->Execute($sql) or die(db_error($sql));
	}
	
	
	function deleteUser($record_id) {
		$sql = "DELETE FROM {$this->tbl->user} WHERE id IN ($record_id)";
		return $this->db->Execute($sql) or die(db_error($sql));
	}
	
	
	function delete($record_id) {
		
		// convert to string 1,2,3... to use in IN()
		$record_id = $this->idToString($record_id);
		
		$this->deleteUser($record_id);
		$this->deletePriv($record_id);
	}
}
?>